1. Field of the Invention
The present invention relates generally to a security system and method for providing user authentication and, more particularly, to a security system and method for ensuring user identity in accessing user accounts in said system.
2. Background and Related Art
There are a variety of techniques used to establish the identity of a user in accessing secure information stored in large server systems. With the computing world evolving towards an era where large numbers of users need to communicate with these large server systems, user environment and convenience dictate the necessity for a variety of modes of user access to user accounts, for example. One common and convenient mode of user access is through voice or audio access. Another common and convenient mode of access is through a keyboard, or touch pad associated with a computer or phone system.
Regardless of the mode of access, it is clear that it is critical before allowing user access to confidential information available on servers that there is an effective way to efficiently verify the identity claim of a user attempting to gain access. The ability to effectively verify identity becomes increasingly difficult where access is required in public areas, i.e. areas where others that should not be privy to the identity information provided to gain access may become privy by their presence.
For example, where users need to verbally self-identify over a telephone, the verbal information provided for self-identity may be easily overheard and readily re-used by an impersonator. Similarly, use of a keyboard for self-identity may be observed although not as readily. Typically required information, such as, user account number, social security number, date of birth and mother's maiden name are therefore prone to risk when provided in an open environment.
Accordingly, there is need for a method and system apparatus that allows a user to effectively gain access, while in public areas, to secure information servers without the risk of others obtaining the identity information used to gain access to the servers.